[clamav-users] Please help to check the Mirror 140.128.9.18 ( update )

2012-05-23 Thread Michael Wu
Sorry for mistaken typing; the last mailinglist mail received should be "Vol. 92 issue 14", not "Vol. 92 issue 13". Thank you and regards, Michael ___ Help us build a comprehe

[clamav-users] Please help to check the Mirror 140.128.9.18

2012-05-23 Thread Michael Wu
Hello, In the logwatch report, we see the message as follows, "Last Status: main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) Downloading daily-14952.cdiff [100%] Downloading daily-14953.cdiff [100%] WARNING: getfile: daily-14954.cdiff not

Re: [clamav-users] Again Falsk2

2012-05-23 Thread md11
Ppt:)0s.kKBTllLlLLlvULT AUA.KATKKLL..TKIla.kalgigju't ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [clamav-users] Again False Positive for BC.Exploit.CVE_2012_1847 ?

2012-05-23 Thread David Alix
It looks like it was a latency problem. Restarting my mimedefang daemon fixed the problem. Thanks David --On Wednesday, May 23, 2012 9:18 AM -0700 David Alix wrote: Bytecode 184 went onto my system at 8:45 this morning. As of 9:05 I am still getting BC_Exploit.CVE_2012_1847 rejection

Re: [clamav-users] Again False Positive for BC.Exploit.CVE_2012_1847 ?

2012-05-23 Thread David Alix
Bytecode 184 went onto my system at 8:45 this morning. As of 9:05 I am still getting BC_Exploit.CVE_2012_1847 rejections. I do not quarantine (I reject) viruses, so I don't have a copy to send in. Could this be a latency problem - could not all of the mimedefang.pl daemons have picked up the

Re: [clamav-users] Again False Positive for BC.Exploit.CVE_2012_1847 ?

2012-05-23 Thread Matthias Egger
Hello Alain On 23.05.2012 17:38, Alain Zidouemba wrote: It's a different problem. The offending signature today is "BC.Exploit.CVE_2012_1847-1". Removed in bytecode CVD 184. Thanks. My freshclam just got it 17:45 and now everything works as intended again. Thank you for the fast reaction. Be

Re: [clamav-users] Again False Positive for BC.Exploit.CVE_2012_1847 ?

2012-05-23 Thread Joel Esler
I assume you've ran freshclam since then. So, if so, then no. Please send the file into us via the clamav.net FP reporter, and email us back with the md5 and we'll take a look. -- Joel Esler Senior Research Engineer, VRT OpenSource Community Manager Sourcefire On May 23, 2012, at 11:18 AM, Ma

Re: [clamav-users] Again False Positive for BC.Exploit.CVE_2012_1847 ?

2012-05-23 Thread Alain Zidouemba
Matthias: It's a different problem. The offending signature today is "BC.Exploit.CVE_2012_1847-1". Removed in bytecode CVD 184. - Alain On Wed, May 23, 2012 at 11:18 AM, Matthias Egger wrote: > Hello > > I have a Quarantained (amavisd-new) email with an Excel Attachment. clamav > thinks it matc

[clamav-users] Again False Positive for BC.Exploit.CVE_2012_1847 ?

2012-05-23 Thread Matthias Egger
Hello I have a Quarantained (amavisd-new) email with an Excel Attachment. clamav thinks it matches against BC.Exploit.CVE_2012_1847 Sophos doesn't complain and when i send the excel file to virustotal. no other virusscanner complains about that. So is this the same problem we had on May 11t